** Also affects: linux-bluefield (Ubuntu Focal)
Importance: Undecided
Status: New
** Changed in: linux-bluefield (Ubuntu Focal)
Importance: Undecided => Medium
** Changed in: linux-bluefield (Ubuntu Focal)
Status: New => In Progress
** Changed in: linux-bluefield (Ubuntu Focal)
Assignee: (unassigned) => Jitendra Lanka (jlankanvidia)
** Changed in: linux-bluefield (Ubuntu)
Status: New => Invalid
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-bluefield in Ubuntu.
https://bugs.launchpad.net/bugs/1959119
Title:
Fix sprintf usage that may lead to buffer overflow
Status in linux-bluefield package in Ubuntu:
Invalid
Status in linux-bluefield source package in Focal:
In Progress
Bug description:
SRU Justification:
[Impact]
Fix references to sprintf that have a possibility for buffer overflow
[Fix]
Replace sprintf with snprintf containing a defined boundary of PAGE_SIZE for
sysfs store/show functions and max array size defined otherwise.
[Test Case]
Existing testcases should work as is as no functional change has been
introduced by this patch.
[Regression Potential]
Regression potential can be considered minimal since the patch does not
change any function of the driver other than limiting the upper bound of
sprintf where the usual lengths parsed are < PAGE_SIZE and requests > PAGE_SIZE
are limited.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-bluefield/+bug/1959119/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
